Tesla called me to ask if I wanted to order new key fobs

[markb1]

i didn't think the relays decoded the signal, just relayed it, I dont believe anyone is hacking 40 bit DES at this level.
If this is the case it doesnt matter the security protocol because it is just an rf capture.

The new keys might have better randomization though which is more likely to make the difference.
I dont think Tesla are offering the new key as a definitive cure all for relay type hacks.

Personally I loathe the PIN entry method, but understand why it has been implemented.
I'm still hoping for a more advanced solution to emerge from Tesla in due course.
Until then no PE or metal holders for the keys for me.

There's a proof-of-concept attack that exploits the weak encryption to clone the key fob:

Fast, Furious and Insecure: Passive Keyless Entry and Start in Modern Supercars

 

[MP3Mike]

I have a metal frame-style fob holder. I wonder if that's enough to block or alter the signal - doubtful.

If the car can communicate with your fob a passer-by can capture and clone your fob. At which point only revoking your fob's access to the car would protect you.

 

[TaoJones]

If the car can communicate with your fob a passer-by can capture and clone your fob. At which point only revoking your fob's access to the car would protect you.

Much appreciated - thanks.

 

[Rockster]

Hmmm. My local SC quoted $230 per fob.

 

[BigD0g]

i didn't think the relays decoded the signal, just relayed it, I dont believe anyone is hacking 40 bit DES at this level.
If this is the case it doesnt matter the security protocol because it is just an rf capture.

The new keys might have better randomization though which is more likely to make the difference.
I dont think Tesla are offering the new key as a definitive cure all for relay type hacks.

Personally I loathe the PIN entry method, but understand why it has been implemented.
I'm still hoping for a more advanced solution to emerge from Tesla in due course.
Until then no PE or metal holders for the keys for me.

The new keys are 256bit AES, much much better encryption

 

[Ande]

It's not reasonable, not at all.
yes, every car manufacturer loves to squeeze money for lost/stolen/washed FOB's, yes those prices are crazy.
The actual price of the electronics inside is <$10 , the whole FOB, maybe $15. (just think of similar electronics, doing cryptography is not expensive.)

now remember this is a design flaw/security risk.

Would you accept to pay full price plus premium on top for any other part of the car that had a design flaw ?

This is just embarrassing for Tesla. I am ashamed of seeing them do this.

 

[GWord]

It's not reasonable, not at all.
yes, every car manufacturer loves to squeeze money for lost/stolen/washed FOB's, yes those prices are crazy.
The actual price of the electronics inside is <$10 , the whole FOB, maybe $15. (just think of similar electronics, doing cryptography is not expensive.)

now remember this is a design flaw/security risk.

Would you accept to pay full price plus premium on top for any other part of the car that had a design flaw ?

This is just embarrassing for Tesla. I am ashamed of seeing them do this.

The FOB isn't manufactured by Tesla so the wholesale price they pay might indeed be above $100usd. Their price is quite a bit cheaper than most other manufacturers. I suspect high wholesale prices for these keys played a part in their decision to try to use the smartphone system on the Model 3 to eliminate them.

 

[BigD0g]

I seriously doubt the massed produced fob costs Tesla $100 that's more then the freaking radar costs at less volume since it's 2 keys per car and 1 radar.

 

[GWord]

I seriously doubt the massed produced fob costs Tesla $100 that's more then the freaking radar costs at less volume since it's 2 keys per car and 1 radar.

Seems awfully simplistic, saying that because Part A is $$, Part B should also be $$? "Hey, the rear view mirror is $35 but the tires are $300 each. There's 4 of them and only 1 mirror therefore the tires should be cheaper than $35 because economies of scale..."

Bottom line is that the FOB manufacturer will charge whatever the market will bear with the floor being something near the cost to produce plus whatever other overhead Pektron needs to stay in business. The only real data point you have is that Tesla charges $150 and thus far hasn't had a robust profit center from their service items.

 

[thegruf]

The new keys are 256bit AES, much much better encryption

The primary mode of theft recently in the UK has been stated as relay attacks.hence my point that the new more secure keys do not necessarily defend against this type of attack.

I was not initially aware that the 40bit DES security could be so readily compromised - @markb1 post was very informative, even now although the weakness has been highlighted I am not sure if any Tesla thefts have been directly attributed to this hack.

This is no more embarrassing for Tesla than any other manufacturer with PE being compromised.
Reality in this world is any security is just wating to be compromised.
In fact Tesla can absolutely be prasied for being more pro-active in resolving this than any other manufacturer.

As for the replacement cost - well that is the typical rate for a replacement key.
Way more than the parts cost but so is everything in this world, spares especially.

That said, It is not unreasonable to hope that Tesla could come up with a one-off replacement program at a reduced cost due to volume

 

[swegman]

They don't need to give whole new keys. They could just swap the pc board inside the fob.

 

[rfmurphy81]

I sent an email to their general support address asking if my mid-June 2018 Model S has the old fob or the new job on 9/10 but haven't heard a response back yet. Has anyone figured out a way to determine which one is which yet? Opening up the battery cover, I see 315 MHz plus a two digit letter and 5 digit number code, which I assume is associated to my vehicle.

 

[MP3Mike]

I sent an email to their general support address asking if my mid-June 2018 Model S has the old fob or the new job on 9/10 but haven't heard a response back yet. Has anyone figured out a way to determine which one is which yet? Opening up the battery cover, I see 315 MHz plus a two digit letter and 5 digit number code, which I assume is associated to my vehicle.

What is the FCC ID on your fob. I would think that the FCC ID would have changed...

 

[rfmurphy81]

What is the FCC ID on your fob. I would think that the FCC ID would have changed...

Looking under the battery, it shows FCC ID AQO002 and Model No is a 6-digit value ending in a G12. What do those of you with July or newer cars show? And those with May or older cars?